This morning’s reminder that it’s not just HIPAA covered entities or business associates that may be exposing your medical information to a breach. Volunteers of America Chesapeake & Carolinas (“VOACC”) announced today a phishing email incident that involved a small number of email accounts in its computer environment. The phishing email incident resulted in unauthorized access to…
Category: Phishing
OH: Fisher-Titus Medical Center notified patients; employee email account accessed last year
Brandon Addeo reports: The personal information of patients at Fisher-Titus Medical Center was compromised after an unknown person gained access to an employee’s email account. According to a notice from the Norwalk hospital, someone accessed an employee’s email between August 2020 and October 2020. That email account contained personal information including people’s full names, Social…
Sequoia Capital Suffers Data Breach
Dark Reading reports: Sequoia Capital last week warned investors that some of their personal and sensitive information may have been exposed in a recent data breach of the firm. According to reports, Sequoia said the data may have been accessed by a third party in the breach, which occurred as a result of a successful phishing attack on an employee via email….
CIS launches no-cost ransomware service for U.S. hospitals
Kat Jerich reports: The nonprofit Center for Internet Security announced this week that it had launched a no-cost ransomware protection service for private hospitals in the United States. The Malicious Domain Blocking and Reporting service, which is already available for public hospitals, health departments and healthcare organizations, uses Enterprise Threat Protector software from the cybersecurity…
Hundreds of University of Alabama – Huntsville email accounts compromised through phishing attempts
Anna Mahan reports: Multiple UAH email accounts were compromised through a phishing attempt in January, that’s confirmed by the UAH Office of Information Technology. Some emails impacted did contain personal information such as name, date of birth, or social security number. However, school officials say there was no server or directory impacted and no credit…
MN: School district employees falls for phishing attack; W-2 forms of 677 employees now compromised
David Colburn reports: REGIONAL- ISD 2142 fell prey to a common online phishing scheme on Feb. 4 when a scammer posing as Superintendent Reggie Engebritson used a fraudulent email to obtain the W-2 forms of 677 district employees. Engebritson sent a letter to staff the same day, informing them of the data breach. Read more…